package com.wali.config.filter;

import com.alibaba.fastjson.JSONObject;
import com.wali.common.enums.ErrorCodeEnum;
import com.wali.modules.system.enums.RoleTypeEnum;
import com.wali.modules.system.vo.SysUserVO;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;

/***
 * 登录鉴权过滤器
 *
 * @author wali
 * @date 2019年1月12号
 */
@WebFilter(filterName = "loginFilter", urlPatterns = {"/system/*", "/bil/*", "/bill/*", "/usr/*", "/com/*", "/checkIsTimeout"})
public class LoginFilter implements Filter {

    /*** 日志 */
    private Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * 初始化登录过滤器
     *
     * @param filterConfig
     */
    @Override
    public void init(FilterConfig filterConfig) {
        logger.info("loginFilter init");
    }

    /**
     * 登录鉴权
     *
     * @param req
     * @param res
     * @param chain
     * @throws IOException
     * @throws ServletException
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        logger.info("loginFilter in");

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        HttpSession session = request.getSession(false);
        String uri = request.getRequestURI();
        logger.info("current uri: " + uri);
        if (session == null) {
            logger.info("session is null");
        } else {
            String token = (String) session.getAttribute("access_token");
            logger.info("token is " + token);

            String access_token = request.getParameter("access_token");
            logger.info("access_token is " + access_token);

            if (StringUtils.isNotBlank(access_token) && access_token.equals(token)) {
                logger.info("loginFilter out");
                SysUserVO user = (SysUserVO) session.getAttribute("user");

                if (uri.startsWith("/bil/")) {// 只有管理员用户和分店管理员可以请求该地址
                    if (user.getRoleType() == RoleTypeEnum.ADMIN_USER_TYPE.getType()
                            || user.getRoleType() == RoleTypeEnum.STORE_ADMIN_USER_TYPE.getType()) {
                        chain.doFilter(req, res);
                        return;
                    }
                } else {
                    chain.doFilter(req, res);
                    return;
                }
            }
        }

        PrintWriter writer = response.getWriter();
        JSONObject json = new JSONObject();
        json.put("code", ErrorCodeEnum.ERROR_LOGIN_ILLEGAL_CODE.getCode());
        json.put("msg", ErrorCodeEnum.ERROR_LOGIN_ILLEGAL_CODE.getMessage());
        writer.write(json.toJSONString());
    }

    /**
     * 过滤器销毁
     */
    @Override
    public void destroy() {
        logger.info("loginFilter destory");
    }

    /**
     * @author walixu
     * @MethodName checkAdminAuth
     * @Description 校验管理员可访问权限
     * @date 2019/4/6
     */
    private void checkAdminAuth() {
        // TODO
    }
}
